Ransomware, supply-chain breaches and zero-day exploits dominate this 48-hour DFIR roundup. Hospitals, telecoms and e-commerce platforms face data theft, while regulators tighten data-sovereignty and patching expectations in Europe and India. New Windows and React vulnerabilities, AT&T’s dark web fallout and fresh law-enforcement advisories underscore why robust logging, rapid patching and vendor risk management remain non-negotiable for security and leadership teams.

The latest 48-hour DFM cybersecurity roundup highlights major breaches, active zero-day exploitation and rising regulatory pressure across global sectors. Key developments include the Coupang megabreach, React2Shell exploitation, Android emergency patches, strengthened G7 incident-response expectations and new NIS2-driven compliance duties. DFIR teams face escalating operational, legal and supply-chain risks as attackers refine extortion tactics and exploit software weaknesses.

Over the past 48 hours, DFIR teams have faced escalating ransomware, supply-chain breaches and state-backed backdoors, while regulators and law enforcement push back with major takedowns and new AI-OT guidance. From European crypto-fraud raids to Asia-Pacific “digital arrest” scams and North American data leaks, the roundup tracks evolving attacker playbooks and practical defensive priorities for security leaders and incident responders.

Ransomware-hit fintechs, leaked university staff records and a massive Coupang customer data exposure headline this 48-hour DFM roundup. Investigators crack camera-hacking and “digital arrest” scams, while Akira and other gangs push fresh victims onto leak sites. Meanwhile governments tighten ransomware and CRA policy, and insecure consumer apps spill highly sensitive personal data worldwide, raising pressure on boards, regulators and responders.

In this 48-hour roundup we track insider-driven mega breaches, disrupted court and logistics systems, and fresh leaks from healthcare and consumer apps. New OT and backend vulnerabilities join the KEV list, while Europol’s Cryptomixer takedown and UK ransomware-reporting plans show growing pressure on the criminal business model and on unprepared boards, demanding faster, evidence-led response and genuinely risk-based cyber governance.